Hi,
If I want to terminate a program upon finding that sprintf has
overrun its output buffer, should I prefer exit or abort from
cstdlib? Thanks.
Martin
--
Quidquid latine scriptum sit, altum viditur.
8  2801 
Martin Eisenberg wrote: If I want to terminate a program upon finding that sprintf has
overrun its output buffer, should I prefer exit or abort from
cstdlib? Thanks.
This is a C question, is it not?
V
Victor Bazarov wrote: Martin Eisenberg wrote: If I want to terminate a program upon finding that sprintf has
overrun its output buffer, should I prefer exit or abort from
cstdlib? Thanks.
This is a C question, is it not?
No. I'm not using C and I have no reason to presume that it's just
the same or that a C user would know all that may be relevant in the
C++ context. Some also like to point out in such cases that the
mentioned functions do belong to C++...
While I'm at it, I anticipate being told just to use iostream -- the
response to that is that I really want to know, I can second-guess
myself just fine, and will do so at least twice in any case.
Martin
--
Quidquid latine scriptum sit, altum viditur.
Martin Eisenberg wrote: Victor Bazarov wrote:
Martin Eisenberg wrote: If I want to terminate a program upon finding that sprintf has
overrun its output buffer, should I prefer exit or abort from
cstdlib? Thanks.
This is a C question, is it not?
No. I'm not using C and I have no reason to presume that it's just
the same or that a C user would know all that may be relevant in the
C++ context. Some also like to point out in such cases that the
mentioned functions do belong to C++...
While I'm at it, I anticipate being told just to use iostream -- the
response to that is that I really want to know, I can second-guess
myself just fine, and will do so at least twice in any case.
The reason I asked was simple: 'sprintf', 'exit', and 'abort' are
all Standard C library functions, and they (C folks) probably know
more what's going to happen and what to do to rectify things. I
only know one thing: if the buffer gets overrun, the behaviour of
the program in which it happens is undefined. For all we know, if
you call 'exit', it might instead behave as if you called 'abort'
and vice versa...
V
Martin Eisenberg wrote: Hi,
If I want to terminate a program upon finding that sprintf has
overrun its output buffer, should I prefer exit or abort from
cstdlib? Thanks.
Depends on your platform I guess, if abort provides some form of
post-mortem debug (like a UNIX core file), use it. This more of an
exception tan an error condition, this sort of thing you'd trap with an
assert - which often calls abort.
--
Ian Collins.
On 16 Jan 2006 23:09:31 GMT, Martin Eisenberg
<ma**************@udo.edu> wrote in comp.lang.c++: Hi,
If I want to terminate a program upon finding that sprintf has
overrun its output buffer, should I prefer exit or abort from
cstdlib? Thanks.
Martin
Once your program has written beyond memory that belongs to it, you
have entered the realm of undefined behavior. There is no guarantee
that your program will survive to detect it.
If you can't guarantee that your program will not overwrite a buffer
using sprintf(), don't use sprintf().
--
Jack Klein
Home: http://JK-Technology.Com
FAQs for
comp.lang.c http://c-faq.com/
comp.lang.c++ http://www.parashift.com/c++-faq-lite/
alt.comp.lang.learn.c-c++ http://www.contrib.andrew.cmu.edu/~a...FAQ-acllc.html
Martin Eisenberg <ma**************@udo.edu> schrieb: If I want to terminate a program upon finding that sprintf has
overrun its output buffer, should I prefer exit or abort from
cstdlib? Thanks.
Don't use sprintf, use snprintf.
Markus
Markus Becker wrote: Martin Eisenberg <ma**************@udo.edu> schrieb:
If I want to terminate a program upon finding that sprintf has
overrun its output buffer, should I prefer exit or abort from
cstdlib? Thanks.
Don't use sprintf, use snprintf.
Is vsnprintf also standard? GCC has it but I don't see either in the
'97 standard draft.
Martin
--
Quidquid latine scriptum sit, altum viditur.
Martin Eisenberg wrote: Markus Becker wrote:
Martin Eisenberg <ma**************@udo.edu> schrieb:
If I want to terminate a program upon finding that sprintf has
overrun its output buffer, should I prefer exit or abort from
cstdlib? Thanks.
Don't use sprintf, use snprintf.
Is vsnprintf also standard? GCC has it but I don't see either in the
'97 standard draft.
Why use a printf variant at all? Use streams, or boost::format if you
really want printf-style.
Better not to use variable argument lists too. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: inkapyrite |
last post by:
Hi all. I'm using ifstream to read from a named pipe but
i've encountered an annoying problem. For some reason, the
program blocks on reading an ifstream's internal buffer that's
only half-filled....
|
by: David Sworder |
last post by:
Hi there,
I come from a Visual C++ background. When writing a service that's
exposed to the Internet, I had to check the incoming data stream (from the
client) VERY carefully. If a hacker was...
|
by: John Hensley |
last post by:
There are a couple of bugs in the atlpath.h file that ships with
DevStudio 2003 and DevStudio 2005 Beta 1 & 2. These bugs result in
buffer overrun and memory corruption problems. After...
|
by: Lonewolf |
last post by:
Hi
I'm faced with a very pesky problem. I have a managed assembly done in
C++/CLI which interface to native C++ codes, and a C# app which consumes
this assembly. I realize that when both the app...
|
by: Anthony Baxter |
last post by:
SECURITY ADVISORY
Buffer overrun in repr() for UCS-4 encoded unicode strings
http://www.python.org/news/security/PSF-2006-001/
Advisory ID: PSF-2006-001
Issue Date: October 12, 2006...
|
by: Nico |
last post by:
Where can I get it? I am a new comer here, I need your help.
|
by: Philip Potter |
last post by:
Hello clc,
I have a buffer in a program which I write to. The buffer has
write-only, unsigned-char-at-a-time access, and the amount of space
required isn't known a priori. Therefore I want the...
|
by: =?Utf-8?B?QWxmb250eg==?= |
last post by:
Looking for some insight into an issue with a MS Word 2003 addin using class
serialization to store data.
When using firewall software with a ‘Buffer Overflow Exploit Prevention’
feature,...
|
by: raashid bhatt |
last post by:
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
void func(char *p)
{
char i;
strcpy(i, p);
}
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
| |
